Here's Why You Shouldn't Use iPhone Mirroring on a Corporate Mac

by

Apple's new iPhone Mirroring feature in macOS Sequoia might seem like a convenient way to access your phone from your work computer, but security firm Sevco has uncovered a significant privacy risk that should make employees think twice before enabling this feature on company-owned Macs, at least for now.

macos sequoia macbook air iphone mirroring app icon in dock
According to a new blog post by Sevco, the core issue lies in how iPhone Mirroring interacts with macOS's file system and metadata. When activated, the feature creates "app stubs" for iOS applications in a specific directory on the Mac:

/Users//Library/Daemon Containers//Data/Library/Caches/

These app stubs contain metadata about the iOS apps, including icons, application names, dates, versions, and file descriptions. While they don't include the full executable code, they provide enough information for macOS to treat them as installed applications.

The problem arises because many enterprise security and IT management tools routinely scan Macs for installed software. These tools often use macOS's built-in metadata system, which now includes these iOS app stubs. As a result, personal iPhone apps can inadvertently appear in corporate software inventories.

Sevco demonstrated this issue using the macOS command line tool mdfind, which interfaces with the Spotlight search subsystem:

mdfind "kMDItemContentTypeTree == com.apple.application" | grep Daemon

When executed in a Terminal window that has been granted full disk access without setting up iPhone Mirroring, the command returns a normal list of macOS applications. But when executed in that same Terminal window after setting up iPhone Mirroring, it also returns personal iOS applications and metadata.

For employees, this means that apps they use privately could become visible to their employer's IT department without their knowledge or consent. This could potentially reveal sensitive personal information, such as dating apps, health-related apps, or VPNs used in countries with restricted internet access.

macos sequoia iphone mirroring

Sevco has alerted Apple to this privacy concern, and the company is reportedly working on a fix. However, until a patch is released and widely implemented, the risks remain. For now, employees should avoid using iPhone Mirroring on work Macs. Companies should also be aware of this potential data liability and consider temporarily disabling the feature on corporate devices if possible.

Related Roundup: macOS Sequoia
Tag: macOS Security
Related Forum: macOS Sequoia

Popular Stories

space black mbp

Apple Potentially Facing Worst Leak Since iPhone 4 Was Left in a Bar

Monday October 7, 2024 3:03 pm PDT by
Alleged photos and videos of an unannounced 14-inch MacBook Pro with an M4 chip continue to surface on social media, in what could be the worst product leak for Apple since an employee accidentally left an iPhone 4 prototype at a bar in California in 2010. The latest video of what could be a next-generation MacBook Pro was shared on YouTube Shorts today by Russian channel Romancev768, just...
Read Full Article166 comments
Alleged M4 MacBook Pro Leak Video

Alleged M4 MacBook Pro Unboxing Video Reveals These Four Upgrades

Sunday October 6, 2024 6:10 pm PDT by
An alleged unboxing video for an unannounced 14-inch MacBook Pro with the M4 chip was uploaded to YouTube today by Russian channel Wylsacom. The video was later linked to on social media platform X by Bloomberg's Mark Gurman. It is possible that this is the same MacBook Pro box shown in photos that were shared by leaker ShrimpApplePro in late September, as he claimed that this MacBook Pro...
Read Full Article282 comments
M4 Real Feature Red

Gurman: Apple to Launch First M4 Macs and Potentially iPad Mini 7 on November 1

Sunday October 6, 2024 6:40 am PDT by
Apple will announce several new M4 Mac models around the end of October, with the company planning to launch at least some of them as soon as Friday, November 1, according to Bloomberg's Mark Gurman. Writing in his latest Power On newsletter, Gurman said that Apple will launch a new M4 version of its low-end 14-inch MacBook Pro, as well as higher-end 14-inch and 16-inch MacBook Pro models...
Read Full Article141 comments
watchos 11 vitals

Apple Watch Users Report Vitals App Detecting Illness Before Symptoms Appear

Monday October 7, 2024 5:34 am PDT by
Apple's new Vitals app for watchOS 11 appears to be impressing some users with its ability to detect potential illness days before symptoms manifest, according to recent reports on Reddit. The Apple Watch app, which analyzes key health metrics measured during sleep over the last seven days, appears to be providing early warnings of impending sickness for at least some Apple Watch wearers...
Read Full Article92 comments
Generic iOS 18

Apple Plans to Release iOS 18.1 With Apple Intelligence on October 28

Sunday October 6, 2024 6:18 am PDT by
Apple intends to launch iOS 18.1 with the first set of much-anticipated Apple Intelligence features on October 28, according to Bloomberg's Mark Gurman. Writing in the latest edition of his Power On newsletter, Gurman says the release date is arriving this month later than initially expected, as Apple is reportedly taking extra time to ensure a smooth rollout and prepare its AI cloud...
Read Full Article105 comments
Generic iOS 18

Everything New in iOS 18.1 Beta 6

Monday October 7, 2024 4:27 pm PDT by
We're nearing the end of the iOS 18.1 beta testing process, but Apple is continuing to make tweaks to refine built-in features ahead of when the software launches. With testing winding down, there are fewer new additions, but Apple has made changes worth noting. The new beta is available for both developers and public beta testers. Control Center In the Control Center, Apple has added new...
Read Full Article41 comments
iPad mini review thumb

iPad Mini 7 Coming Next Month: What to Expect

Tuesday October 8, 2024 6:16 am PDT by
Rumors strongly suggest Apple will release the seventh-generation iPad mini in November, nearly three years after the last refresh. Here's a roundup of what we're expecting from the next version of Apple's small form factor tablet, based on the latest rumors and reports. Design and Display The new iPad mini is likely to retain its compact 8.3-inch display and overall design introduced with...
Read Full Article105 comments

Top Rated Comments

Line_Noise Avatar
Line_Noise
2 hours ago at 04:57 am
More pointedly, don’t use your personal Apple ID on a corporate Mac. Because that’s a requirement for enabling iPhone Mirroring.
Score: 13 Votes (Like | Disagree)
00001000bit Avatar
00001000bit
3 hours ago at 04:44 am
I imagine employers also do not want this.

I use the personal (free) license for Fusion360 and have it on my phone. If that appears on a corporate owned computer, is the company now liable for a commercial license? It's not like Autodesk is particularly forgiving about commercial licensing.
Score: 7 Votes (Like | Disagree)
TIMO_737 Avatar
TIMO_737
3 hours ago at 04:34 am
Well now we know why Apple does not release it in the EU-SSR
Score: 6 Votes (Like | Disagree)
mattopotamus Avatar
mattopotamus
2 hours ago at 04:57 am
It is times like this I am happy I work for a small business and I am the "IT" person haha.
Score: 6 Votes (Like | Disagree)
Lyrics23 Avatar
Lyrics23
2 hours ago at 04:47 am

Well now we know why Apple does not release it in the EU-SSR
Uh, why? Apple’s security failure in this instance has literally nothing to do with the EU.

I suppose a company choosing to abuse the flaw might fall afoul of GDPR’s privacy protections, depending on why they’re gathering the data and what they do with it, but that has nothing to do with Apple.

Though I suppose the way you misnamed the EU shows clearly enough that you are only posting in bad-faith, without having any actual argument.
Score: 5 Votes (Like | Disagree)
B4U Avatar
B4U
2 hours ago at 05:06 am
And why would you use a personal Apple ID on the work laptop anyway?
Score: 5 Votes (Like | Disagree)
Read All Comments